security breacheshttp://www.maclife.com/taxonomy/term/5404/all
enComiXology Becomes Latest Online Security Breach, Forces Password Resethttp://www.maclife.com/article/news/comixology_becomes_latest_online_security_breach_forces_password_reset
<!--paging_filter--><p><img src="/files/u220903/comixology_password_reset_620px.png" alt="ComiXology password reset" width="620" height="300" /></p><p>If you're a fan of digital comic books or even a casual reader, chances are you woke up this morning to an email from ComiXology detailing a mandatory password reset after discovering a database security breach.<br /><br /><a href="https://www.comixology.com" target="_blank">ComiXology</a> emailed an "important security notice" to its customers on Thursday morning that details how an "unauthorized individual" recently gained access to one of their databases of customer information.<br /><br />Although payment account information is not stored on ComiXology servers, the unauthorized access did manage to tap into "usernames, email addresses and cryptographically protected passwords."<br /><br />"Even though we store our passwords in protected form, as a precautionary measure we are requiring all users to change their passwords on the comiXology platform and recommend that you promptly change your password on any other website where you use the same or a similar password," the email reads.<br /><br />"We have taken additional steps to strengthen our security procedures and systems, and we will continue to implement improvements on an ongoing basis," ComiXology added, noting the service never requests personal or account information in emails and customers should "exercise caution" should someone request such details in the future.<br /><br />ComiXology customers can <a href="https://www.comixology.com/forgot" target="_blank">click here to reset their password</a>, and as recommended above, might want to consider doing the same on other websites, especially where the same login details are used.<br /><br /><em>Follow this article’s author, <a href="http://twitter.com/JRBTempe" target="_blank">J.R. Bookwalter on Twitter</a></em></p><p>&nbsp;</p>http://www.maclife.com/article/news/comixology_becomes_latest_online_security_breach_forces_password_reset#commentsNewscomic bookscomixologycustomer datadatabasedigital booksdigital comicspassword resetpasswordssecurity breachesiPadiPhoneiPodMacThu, 06 Mar 2014 14:09:34 +0000J.R. Bookwalter19495 at http://www.maclife.comWeekend Recap: Aereo Goes to Supreme Court, Mac Pro in EU, Streamnationhttp://www.maclife.com/article/news/weekend_recap_aereo_goes_supreme_court_mac_pro_eu_streamnation
<!--paging_filter--><p><img src="/files/u220903/aereo_how_it_works_620px.png" alt="How Aereo works" width="620" height="300" /></p><p>It's been one of those good news, bad news kind of weekends. For Target shoppers, it's potentially one of the latter, while present and future Aereo customers fall more squarely in the former category, assuming the nation's most important court weighs in its favor. Ready to find out more? Dig in your virtual heels and jump head-first into our weekend recap...</p><h3>U.S. Supreme Court Will Decide Fate of TV Provider Aereo</h3><p>Upstart television provider <a href="http://blog.aereo.com/2014/01/statement-aereo-ceo-founder-chet-kanojia-2/" target="_blank">Aereo announced Friday</a> that it will finally get its day in court — in this case, the United States Supreme Court, which will hear the company's defense against ABC and other broadcasters looking to shut down its innovative service. Already available in New York City, Boston, Atlanta, Miami, Salt Lake City, Houston, Dallas, Denver, Detroit and Baltimore, Aereo uses a remote, cloud-based antenna with DVR technology to deliver over-the-air broadcast signals to the Mac, iOS and other devices for as little as $8 per month. Needless to say, television networks complain that Aereo is effectively stealing their signal, but thus far the startup has prevailed in smaller court battles. The Supreme Court will now ultimately decide if Aereo's technology "falls squarely within the law" as the company claims, and potentially fend off any future legal action from the networks once and for all.</p><h3>Apple Resumes Shipment of Mac Pro to Europe with Latest Model</h3><p><a href="http://9to5mac.com/2014/01/12/apple-now-shipping-the-mac-pro-to-europe-once-again-after-eu-ban-of-old-model/" target="_blank">9to5Mac reported Sunday</a> that European buyers of Apple's latest Mac Pro are now receiving shipment notifications, with deliveries arriving as early as January 14. The previous models were effectively banned by the European Union nearly a year ago due to a regulatory change that affected the Mac Pro's fans and electrical ports — problems that do not impact the latest and greatest tubular black models. <a href="http://www.macg.co/mac/2014/01/premieres-expeditions-des-mac-pro-pour-leurope-79176" target="_blank">According to MacGeneration</a>, European orders placed today from Apple's online store will be received in February.</p><h3>Streamnation Celebrates New Year with More Free Storage</h3><p>2014 is here in full force, and the folks behind <a href="https://www.streamnation.com/blog/index.php/celebrating-new-year-with-great-new-features/" target="_blank">Streamnation have decided to celebrate</a> with their customers by increasing free storage from a puny 2GB to a more generous 5GB — this, of course, is in addition to any free storage earned from referrals or other means, and the extra helping of cloud storage space for photos or videos also applies to paid subscribers as well. Last month, Streamnation rolled out new desktop clients for Mac and Windows, introduced the ability to upload or download in the background on iOS and an improved web interface to show the progress of files being transferred. Last but not least, users can now choose to allow friends to download content just by checking a box when sharing from the Photos and Videos library.</p><h3>Target Data Breach Bigger Than Thought, 70 Million More Affected</h3><p>Unfortunately, Target's data breach nightmare is like a snowball from hell, getting larger and larger as it rolls downhill. <a href="https://corporate.target.com/discover/article/an-update-on-our-data-breach-and-financial-perform" target="_blank">The retailer announced Friday</a> that "certain guest information" was also taken from Target in addition to the previously announced holiday incident, and their investigation shows that the stolen information "includes names, mailing addresses, phone numbers or email addresses for up to 70 million individuals." The retailer will be offering a year of free credit monitoring and identity theft protection for all Target guests who shopped in U.S. locations, with additional details on that offer coming sometime this week.</p><h3>Snapchat Update Makes Find Friends Optional</h3><p>Following an unpopular update which linked phone numbers with usernames, <a href="http://blog.snapchat.com/post/72768002320/find-friends-improvements" target="_blank">Snapchat announced Thursday</a> that they've released a new iOS and Android update to "improve" that Find Friends functionality and allow users to opt-out of such linkage. Snapchatters will also be required to verify their phone numbers prior to using Find Friends, which the chat network claims will "prevent future attempts to abuse our API."<br /><br /><em>Follow this article’s author, <a href="http://twitter.com/JRBTempe" target="_blank">J.R. Bookwalter on Twitter</a></em></p>http://www.maclife.com/article/news/weekend_recap_aereo_goes_supreme_court_mac_pro_eu_streamnation#commentsNewsAereoEuropean Unionfree storageMac Pro 2013security breachesSnapchatStreamnationsupreme courtTargetweekend recapiPadiPhoneiPodMacMon, 13 Jan 2014 13:20:49 +0000J.R. Bookwalter19043 at http://www.maclife.comTarget Confirms Credit, Debit Card Security Breach, 40M Accounts May Be Affectedhttp://www.maclife.com/article/news/target_confirms_credit_debit_card_security_breach_40m_accounts_may_be_affected
<!--paging_filter--><p><img src="/files/u220903/target_retail_store_620px.png" alt="Target retail store" width="620" height="300" /></p><p>If you happened to shop for a new iPad at a Target store over the last three weeks, you may want to check your credit card statements -- the retailer has just confirmed nearly 40 million credit and debit cards may be part of a new security breach.<br /><br /><a href="http://pressroom.target.com/news/target-confirms-unauthorized-access-to-payment-card-data-in-u-s-stores" target="_blank">Target confirmed Thursday</a> that its retail stores were the victim of a security breach involving millions of credit and debit card accounts that began right around Black Friday last month.<br /><br />The breach was <a href="http://krebsonsecurity.com/2013/12/sources-target-investigating-data-breach/" target="_blank">first reported Wednesday by Krebs on Security</a> and confirmed today by Target, who claims the issues has been "identified and resolved." The retailer is now working with "a leading third-party forensics firm" to investigate the incident.<br /><br />“Target’s first priority is preserving the trust of our guests and we have moved swiftly to address this issue, so guests can shop with confidence. We regret any inconvenience this may cause,” said Gregg Steinhafel, chairman, president and chief executive officer, Target. “We take this matter very seriously and are working with law enforcement to bring those responsible to justice.”<br /><br />Target claims "approximately" 40 million credit and debit card accounts "may have been impacted" between November 27 and December 15 -- the height of the post-Thanksgiving holiday shopping season.<br /><br />The incident appears to be limited only to brick-and-mortar retail stores; online orders were not affected. Target has already alerted financial institutions and the company "is putting all appropriate resources" behind the investigation.<br /><br />As always, readers who have shopped at a Target retail store since November 27 are encouraged to keep a close eye on their accounts and immediately report any suspicious activity to the bank in question.<br /><br /><em>Follow this article’s author, <a href="http://twitter.com/JRBTempe" target="_blank">J.R. Bookwalter on Twitter</a></em></p><p>&nbsp;</p>http://www.maclife.com/article/news/target_confirms_credit_debit_card_security_breach_40m_accounts_may_be_affected#commentsNewsbank accountsBlack Fridaycredit cardsdebit cardsholiday shoppingKrebs on SecurityRetail Storessecurity breachesTargetThu, 19 Dec 2013 14:22:57 +0000J.R. Bookwalter18915 at http://www.maclife.comAdobe Falls Victim to Security Breach, 2.9M Customers Affectedhttp://www.maclife.com/article/news/adobe_falls_victim_security_breach_29m_customers_affected
<!--paging_filter--><p><img src="/files/u220903/adobe_headquarters_with_cloud_620px.png" alt="Adobe headquarters" width="620" height="300" /></p><p>It's been relatively quiet since the last high-profile security breach of a technology company, but that silence ended Thursday with Adobe's announcement that the company had fallen victim to a cyber attack.<br /><br /><a href="http://blogs.adobe.com/conversations/2013/10/important-customer-security-announcement.html" target="_blank">Adobe announced Thursday</a> that as many as 2.9 million customers could be affected by "sophisticated attacks" on the software provider's network which involved "the illegal access of customer information as well as source code for numerous Adobe products."<br /><br />While Adobe does not believe the hackers were able to remove decrypted credit or debit card numbers from their systems, the Photoshop publisher has reset customer passwords for those potentially affected, and recommends changing passwords on other websites that use the same login.<br /><br />The company is also separately notifying customers whose payment information may be at risk, and will be offering a complimentary one-year membership in a credit monitoring service.<br /><br />"We are also investigating the illegal access to source code of numerous Adobe products," writes Brad Arkin, Adobe's chief security officer. "Based on our findings to date, we are not aware of any specific increased risk to customers as a result of this incident."<br /><br />Needless to say, Adobe has also enlisted federal law enforcement agencies to help track down the cyber thieves, and the company believes the two separate attacks "may be related."<br /><br /><em>Follow this article’s author, <a href="http://twitter.com/JRBTempe" target="_blank">J.R. Bookwalter on Twitter</a></em></p><p>&nbsp;</p>http://www.maclife.com/article/news/adobe_falls_victim_security_breach_29m_customers_affected#commentsNewsAdobecredit cardscustomersdebit cardshackedillegalpasswordssecurity breachessoftwaresource codeiPadiPhoneiPodMacFri, 04 Oct 2013 11:38:15 +0000J.R. Bookwalter18236 at http://www.maclife.comApple Confirms Developer Portal Security Breach Took Place Last Weekhttp://www.maclife.com/article/news/apple_confirms_developer_portal_security_breach_took_place_last_week
<!--paging_filter--><p><img src="/files/u220903/apple_developer_security_notice_620px.png" alt="Apple developer maintenance" width="620" height="300" /></p><p>If you follow any iOS developers on Twitter, you may have noticed an increased amount of chatter over the last few days about Apple's developer portal being down, which the company has now confirmed to be a security breach.<br /><br /><a href="http://devimages.apple.com/maintenance/" target="_blank">Apple announced Sunday</a> that its iOS and OS X developer portals fell victim to a security issue last Thursday, causing the iPhone maker to take the entire system down for what at first seemed like routine maintenance that continued into this week.<br /><br />"Last Thursday, an intruder attempted to secure personal information of our registered developers from our developer website," finally confessed Sunday night. "Sensitive personal information was encrypted and cannot be accessed, however, we have not been able to rule out the possibility that some developers’ names, mailing addresses, and/or email addresses may have been accessed.<br /><br />"In the spirit of transparency, we want to inform you of the issue," the message on the developer portal continues. "We took the site down immediately on Thursday and have been working around the clock since then."<br /><br />It appears the reason for the extended outage is that Apple isn't simply patching the hole, but actually doing a complete overhaul to its security:<br /><br />"In order to prevent a security threat like this from happening again, we’re completely overhauling our developer systems, updating our server software, and rebuilding our entire database," the post concludes. "We apologize for the significant inconvenience that our downtime has caused you and we expect to have the developer website up again soon."<br /><br />A company spokesperson also <a href="http://www.macworld.com/article/2044865/apple-explains-extended-developer-portal-outage.html#tk.twt_lexfri" target="_blank">separately confirmed the incident to Macworld</a>, adding that the attacker "did not have access to app code, or the servers where app information is stored," which should make developers breathe just a little easier.<br /><br />Apple added that developers whose membership was set to expire during the outage won't have any concerns -- Cupertino has extended the renewal period, although it's unclear how much longer the service will be down.<br /><br /><em>Follow this article’s author, <a href="http://twitter.com/JRBTempe" target="_blank">J.R. Bookwalter on Twitter</a></em></p><p>&nbsp;</p>http://www.maclife.com/article/news/apple_confirms_developer_portal_security_breach_took_place_last_week#commentsNewsApple Inc.Developer PortalDevelopersiOS Dev CenterMac Dev CenterMac OS XMaintenancesecurity breachesiPadiPhoneiPodMacMon, 22 Jul 2013 12:48:59 +0000J.R. Bookwalter17586 at http://www.maclife.comOvernight Recap: VUDU Security Breach, Starbucks Freebies Now Card-lesshttp://www.maclife.com/article/news/overnight_recap_vudu_security_breach_starbucks_freebies_now_cardless
<!--paging_filter--><p><img src="/files/u220903/starbucks_angry_birds_star_wars_200px.jpg" alt="Starbucks Angry Birds Star Wars" width="200" height="150" class="graphic-right" />Everyone loves a freebie, but how far are you willing to go to get one? If you happen to be a loyal Starbucks customer, that dedication has been rewarded with plenty of free apps and iBooks courtesy of their "Pick of the Week" cards -- but now you don't even need to step foot inside a Starbucks location to take advantage of that deal, as long as you have the company's iOS app installed. Find out more in today's recap...</p><h3>VUDU Notifies Customers of Security Breach, Passwords Reset</h3><p>Walmart-owned <a href="http://www.vudu.com/password_faq.html" target="_blank">VUDU notified customers of a security breach Tuesday afternoon</a>, prompting the streaming video provider to force a reset of all user passwords. Unlike other recent security scares, this one was more physical in nature: The company's offices were broken into on March 24, and the thieves made off with a number of items, including hard drives containing some customer information, including encrypted account passwords. While VUDU seems confident that the thieves won't be able to break the encryption, they've reset account passwords out of an abundance of caution, and affected users will receive one year of AllClear PLUS identity protection service for the trouble.</p><h3>Starbucks Pick of the Week Now All-Digital</h3><p><a href="http://news.cnet.com/8301-1035_3-57578443-94/starbucks-mobilizes-pick-of-the-week-gives-away-angry-birds-star-wars/" target="_blank">CNET reported Tuesday</a> that Starbucks is doing away with its free "Pick of the Week" cards found in retail stores, which have offered paid selections from the App Store or iBookstore since 2011. In its place, the feature will now be exclusive to the Starbucks iOS app, requiring just a tap to download on their device. And the first free title is a doozy: Angry Birds Star Wars, Rovio's mash-up of its popular game title with a George Lucas-inspired makeover. The coffee maker claims more than 10 million active users across both iOS and Android, with 100,000 downloads each week -- a number that's only likely to increase now that customers won't even have to step inside a Starbucks brick-and-mortar location to grab one of those freebie cards.</p><h3>Google Chrome for iOS Adds Printing, Fullscreen View</h3><p>Although its Chrome for iOS app will have to remain on Apple's original WebKit path instead of the Blink engine being used from now on, Google is still updating the browser, <a href="https://itunes.apple.com/us/app/chrome/id535886823?mt=8" target="_blank">with an new update on Tuesday</a>. The almost comically named version 26.0.1410.50 adds full-screen support for the iPhone and iPod touch as well as printing for all iOS devices via Google Cloud Print or AirPrint. Users will also be able to save any web page as a PDF file, which gets saved to your connected Google Drive account. There are also stability, security and bug fixes on deck, so if you're a Google Chrome fan, this one's probably worth a download.</p><h3>Boingo Partners with AT&amp;T for Worldwide Wi-Fi Roaming</h3><p>Worldwide Wi-Fi provider <a href="http://www.businesswire.com/news/home/20130409005436/en/Boingo-Announces-Global-Wi-Fi-Roaming-Agreement-ATT" target="_blank">Boingo Wireless announced Tuesday</a> that it has struck a roaming deal with AT&amp;T. Using the AT&amp;T International App, travelers with an "applicable global data package" will now have free access to Wi-Fi hotspots around the globe, which serve more than 1.5 billion people each year. The deal is also good news for Boingo's international customers, who will now have access to AT&amp;T's vast Wi-Fi network here in the U.S. as well. Beyond the requirement of having a 300MB or 800MB AT&amp;T Data Global Add-On package, there is one catch: The free Boingo Wi-Fi access is capped at 1GB per month, after which time you'll presumably have to pony up more cash to keep the party going until the next month rolls around.</p><h3>Google Rolls Out "Fresh New Look" for Play</h3><p><a href="http://officialandroid.blogspot.com/2013/04/a-fresh-new-look-for-google-play.html" target="_blank">The Android Official Blog announced Tuesday</a> that the Google Play store is getting a fresh coat of paint, with a focus on "bigger images that jump off the page" and better organization for content with a similar theme. The redesign also boasts a better recommendations engine toward the bottom of the page, with "simplified purchasing" rounding out the package. In order to receive the update, a device needs to be running Android 2.2 Froyo or higher, with the update is rolling out around the world over the next few weeks.<br /><br /><em>Follow this article’s author, <a href="http://twitter.com/JRBTempe" target="_blank">J.R. Bookwalter on Twitter</a></em></p><p>&nbsp;</p>http://www.maclife.com/article/news/overnight_recap_vudu_security_breach_starbucks_freebies_now_cardless#commentsNewsAngry Birds Star WarsAT&TBoingoChrome for iOSGoogle Playovernight recapsecurity breachesStarbucksvuduiPadiPhoneiPodMacWed, 10 Apr 2013 12:19:01 +0000J.R. Bookwalter16691 at http://www.maclife.comTwitter, Tumblr, Pinterest All Affected by Zendesk Security Breachhttp://www.maclife.com/article/news/twitter_tumblr_pinterest_all_affected_zendesk_security_breach
<!--paging_filter--><p><img src="/files/u220903/zendesk_200px.png" alt="Zendesk" width="200" height="150" class="graphic-right" />Another day, another security breach at a technology company. But this one has hit Zendesk, a company providing customer service software, which means others are also being affected.<br /><br />As first noted in an email from Tumblr to affected customers Thursday night, <a href="http://www.wired.com/threatlevel/?p=54338" target="_blank">Wired is reporting</a> that a security breach at <a href="http://www.zendesk.com" target="_blank">Zendesk</a> also affects Twitter and Pinterest users as well -- but apparently, only customers who have had interaction with customer service at some point in the past.<br /><br />"We’ve become aware that a hacker accessed our system this week," <a href="http://www.zendesk.com/blog/weve-been-hacked" target="_blank">a blog post from Zendesk</a> reads. "As soon as we learned of the attack, we patched the vulnerability and closed the access that the hacker had."<br /><br />Zendesk has narrowed the scope of the attack to the three clients above, with email addresses and email subject lines potentially stolen from customers who contacted these companies for support.<br /><br />Three isn't such a big number considering Zendesk touts more than 25,000 clients on its website, and the hack does not appear to involve passwords of any kind. Wired sources also claim Tumblr, Twitter and Pinterest have yet to report any user accounts that have been compromised as part of this attack.<br /><br />Zendesk is a service that allows companies to essentially outsource some of its customer service using software.<br /><br /><em>Follow this article’s author, <a href="http://twitter.com/JRBTempe" target="_blank">J.R. Bookwalter on Twitter</a></em></p><p>&nbsp;</p>http://www.maclife.com/article/news/twitter_tumblr_pinterest_all_affected_zendesk_security_breach#commentsNewsclientsCustomer ServicecustomershackersPinterestsecurity breachessoftwareTumblrTwitterZendeskMacFri, 22 Feb 2013 13:17:42 +0000J.R. Bookwalter16298 at http://www.maclife.comWeekend Recap: Twitter Security Breach, Blockbuster On Demand Returnshttp://www.maclife.com/article/news/weekend_recap_twitter_security_breach_blockbuster_demand_returns
<!--paging_filter--><p><img src="/files/u220903/blockbuster_on_demand_mac_200px.jpg" alt="Blockbuster on Demand for Mac" width="200" height="150" class="graphic-right" />Oh, Blockbuster… it seems like no matter what you do, you just can't get it right. Take for instance your latest attempt to reboot your video-on-demand service, which curiously leaves out iOS entirely. OK sure, there are a lot of Android users and that's one potential audience, but to omit an iPhone and iPad app seems a little misguided to us. But hey, you can watch rentals on your Mac… hello? Anyone interested in that…?</p><h3>Twitter Confirms Security Breach for 250,000 Users</h3><p>Having problems logging into your Twitter account this past weekend? If so, it might be because you were one of the 250,000 users affected by a security breach at the microblogging service. <a href="http://blog.twitter.com/2013/02/keeping-our-users-secure.html" target="_blank">Twitter's blog claims</a> the unauthorized access was limited to "one live attack" which they were able to shut down moments later, but a further investigation showed that usernames, email addresses, session tokens and encrypted/salted versions of passwords for up to a quarter million users may have been affected. Such users will receive an email from Twitter, after which time you'll have to create a new password -- but if you're particularly paranoid, you may want to do it anyway before you finish reading this weekend recap.</p><h3>Blockbuster Retools On Demand for Mac, But Where's the iOS App?</h3><p>Former video rental goliath Blockbuster may be a mere shadow of its former self now, but the company continues to explore other options for continued existence. <a href="http://blog.blockbuster.com/2013/02/blockbuster-on-demand-is-here/" target="_blank">The latest is a reboot of Blockbuster On Demand</a>, its "new and improved" digital rental service offering thousands of movies in "stunning HD and full surround sound." It all sounds pretty good until you <a href="http://www.blockbusternow.com" target="_blank">head to the website</a> and try to download the apps, only to discover they're limited to Samsung TV and Blu-ray players, Mac or PC and Android tablets or phones, though second-generation Roku and higher is touted as "coming soon." No iPhone, iPod touch or iPad? Seems like an ill-fated reboot, if you ask us...</p><h3>Path Settles with FTC Over Underage Privacy Concerns</h3><p>Social network <a href="http://blog.path.com/post/42023928427/path-and-the-ftc" target="_blank">Path announced in a blog post Friday</a> that it had reached a settlement with the U.S. Federal Trade Commission (FTC) over alleged violations of the Children's Online Privacy Protections Act (COPPA). "The gist of the FTC’s complaint is this: early in Path’s history, children under the age of 13 were able to sign up for accounts," the blog post explained. "A very small number of affected accounts have since been closed by Path." The issue stemmed from the Path app not automatically rejecting users who indicated they were under 13, a problem the company claims to have fixed before the FTC "reached out" to them. It's only the latest in what seems to be a long string of privacy offenses from Path, but will it be the last?</p><h3>Tapbots Helps Spur App.net Adoption with Free Limited Time Netbot App</h3><p>Many Twitter users have become frustrated with changes the microblogging service has made over the last year or two, which is why App.net has become a viable alternative for many in the tech community. It's also why Tapbots released Netbot, a third-party App.net client that echoes their popular Tweetbot solution for Twittter -- and if you act quickly, you can get it absolutely free. "In order to spur adoption of App.Net we've decided to make Netbot for iPhone and for iPad free for an unspecified period of time," <a href="https://alpha.app.net/tapbots/post/2705300" target="_blank">the company posted on -- where else? -- App.net last week</a>. There's just one caveat: You'll need to pay at least $5 per month (or $36 per year) to use the app in the first place, since App.net is a subscription-only service.</p><h3>Dropbox Adds Social Sharing for Photos, Documents</h3><p><a href="http://www.theverge.com/2013/1/30/3933144/dropbox-unveils-social-photo-sharing-easier-photo-management-and" target="_blank">The Verge reported last week</a> that cloud storage service Dropbox is taking yet another big, bold move into social photo sharing and document previews. Kicking off first on the web-based and rolling out to users over the next few months, Dropbox now offers up a one-click quick preview of PDF or Microsoft Office documents (Excel is not yet supported, however). On the photo side, Dropbox is attempting to give users something to do with all the images they've automatically uploaded from iOS and Android, collecting all of the images on your account into a single view on the website, organized by time and date and ready to post on Facebook, Twitter or via email. The beauty of the system is that albums are "virtual" -- it doesn't matter where they actually reside in Dropbox, the service will gather them up for you. Anyone out there in MacLife.com Land get these cool features yet?<br /><br /><em>Follow this article’s author, <a href="http://twitter.com/JRBTempe" target="_blank">J.R. Bookwalter on Twitter</a></em></p>http://www.maclife.com/article/news/weekend_recap_twitter_security_breach_blockbuster_demand_returns#commentsNewsApp.netBlockbusterDropboxinternet privacymac appsPathsecurity breachesTapbotsTwitterweekend recapiPadiPhoneMacMon, 04 Feb 2013 13:31:24 +0000J.R. Bookwalter16145 at http://www.maclife.comOvernight Recap: 1Password 4 for iOS, FxFactory 4.0, Hacks at Skype, Adobehttp://www.maclife.com/article/news/overnight_recap_1password_4_ios_fxfactory_40_hacks_skype_adobe
<!--paging_filter--><p><img src="/files/u220903/1password_4_for_ios_200px.png" alt="1Password 4 for iOS" width="200" height="150" class="graphic-right" />The big news Wednesday revolved around a potential delay for new iMac owners, with the sleek new desktops rumored to start shipping in early 2013 rather than by the end of this year. Of course, iTunes Match subscribers also got their first $24.99 renewals this week as well, while the wait for iTunes 11 continues. And hey, how about that 1Password 4 for iOS! What's that? You didn't hear about it? Well, read on and find out more...</p><h3>iMore Gets First Peek at 1Password 4 for iOS</h3><p><a href="http://www.imore.com/first-look-1password-4-iphone-ipad" target="_blank">Those lucky so-and-so's over at iMore got their hands on the next major version of 1Password for iOS</a>, which has been completely redesigned and will soon be offered as an entirely new app rather than an update to the existing version. 1Password 4 for iOS dumps the four-digit PIN code in favor of the same master password used by the desktop version, but adds a new Favorites tab for quick access to your most-used data. The new version also displays folders you have set up in another tab, and Settings have also been overhauled along with a fresh coast of UI paint over the whole shebang. No word on when 1Password 4 for iOS will land, but developer AgileBits noted that the new app will come with a special launch price to make it cheaper for existing users to upgrade; the current apps will no longer be sold but will continue to be supported, including the ability to download them again from iTunes, should you need to.</p><h3>FxFactory 4.0 Now Available for Adobe Premiere Pro CS6</h3><p><a href="http://www.noiseindustries.com/support/fxfactory400/" target="_blank">Noise Industries announced Wednesday</a> that its popular visual effects software FxFactory is now compatible with Adobe Premiere Pro CS6, courtesy of the new version 4.0 update. The release adds plug-in support for Adobe's video editing software on top of existing compatibility with Final Cut Pro, Motion and After Effects, now powering hundreds of hardware-accelerated, film-quality visual effects. FxFactory 4.0 also includes updates to some of its most recent products, including Photo Montage, Motype 1.3, Callouts 1.3, Cleaner 2.0 and Split Animator. The update is now available from the Noise Industries website and is free to all existing users.</p><h3>Skype Briefly Disables Password Resets After Security Gaffe</h3><p><a href="http://www.theverge.com/2012/11/14/3643954/skype-account-email-address-password-recovery-hack-security-hole" target="_blank">As first noted by The Verge</a>, Skype briefly shut down password resets on user accounts Wednesday after being notified by users of a possible security breach. <a href="http://heartbeat.skype.com/2012/11/security_issue.html" target="_blank">According to Skype</a>, the issue "affected some users where multiple Skype accounts were registered to the same email address," an issue that was quickly resolved. If you're one of those affected by the problem, you may have already been contacted by Skype -- if not, move along, folks, nothing to see here.</p><h3>Samsung Denies Apple Component Price Hike</h3><p><a href="http://www.thestreet.com/story/11766909/1/apple-investors-can-relax-a-little-bit.html" target="_blank">The Street reported Wednesday</a> that a Samsung Electronics official has denied a recent report claiming the component maker is hiking Apple's application processor prices by as much as 20 percent. According to a quote in Korean-based newspaper The Hankyoreh, an unnamed official "noted that prices are set at the beginning of the year and aren't changed easily," despite the contentious relationship between Apple and Samsung lately. Analyst Gene Munster of Piper Jaffray claimed that a 20 percent price jump would hit Apple's gross margins by one or two percent, but it was likely that Apple would respond by moving on to another manufacturer with more favorable pricing. But for now, it appears there may have been much ado about nothing...</p><h3>Adobe ConnectUsers.com Support Website Hacked</h3><p>Skype wasn't the only one dealing with security problems Wednesday, with <a href="http://www.electronista.com/articles/12/11/14/site.shut.down.passwords.reset.for.those.affected" target="_blank">Electronista reporting that one of Adobe's support websites was compromised by hackers late Tuesday</a>. One such hacker from Egypt took credit for the intrusion, providing 644 user records from the site to support their claim. All told, 150,000 such user information are believed to have been stolen in the attack, including email addresses, prompting Adobe to briefly shut down connectusers.com and reset the passwords of those affected by the issue.<br /><br /><em>Follow this article’s author, <a href="http://twitter.com/JRBTempe" target="_blank">J.R. Bookwalter on Twitter</a><br /><br />(Image courtesy of iMore)</em></p><p>&nbsp;</p>http://www.maclife.com/article/news/overnight_recap_1password_4_ios_fxfactory_40_hacks_skype_adobe#commentsNews1PasswordAdobeFirst LookFxFactoryovernight recapPremiere Pro CS6Samsungsecurity breachesskypeiPhoneMacThu, 15 Nov 2012 13:21:05 +0000J.R. Bookwalter15587 at http://www.maclife.com1 Million iOS UDIDs Leaked, Could Yours Be One of Them?http://www.maclife.com/article/news/1_million_ios_udids_leaked_could_yours_be_one_them
<!--paging_filter--><p><img src="/files/u220903/itunes_udid_display_200px.png" alt="iTunes UDID" width="200" height="150" class="graphic-right" />Don't panic, but the universal device ID (UDID) of your iPhone, iPad or iPod touch may be floating around in the public eye today thanks to a compromised FBI laptop dating back to March.<br /><br /><a href="http://lifehacker.com/5940197/1-million-apple-device-ids-leaked-12-million-total-stolen" target="_blank">Lifehacker is reporting</a> that Antisec has made public one million Apple device IDs on Tuesday, part of more than 12 million the group nabbed from a laptop owned by the FBI in March, 2012.<br /><br />Better known as UDID, Apple's Universal Device ID is a unique number assigned to every iPhone, iPod touch or iPad. By itself it can't be used for much, but the leaked data also includes Notification Center tokens and device names, which could potentially be used to link the UDID numbers back to their owners.<br /><br /><a href="http://pastebin.com/nfVT7b0Z" target="_blank">According to Antisec</a>, the full dump of 12 million UDIDs "also contains names, addresses, cellphone numbers, and other information about the device owners" -- but it's important to note that this information has not yet been leaked to the public.<br /><br />While it's unclear exactly what the FBI was doing with 12 million UDIDs in the first place, <a href="http://kimosabe.net/test.html" target="_blank">there are already websites in place</a> where you can check to see if yours is in the dump of the first million. Unfortunately, that doesn't help with the remaining 11 million yet to be revealed, but for now it seems there's no reason to panic.<br /><br /><em>Follow this article’s author, <a href="http://twitter.com/JRBTempe" target="_blank">J.R. Bookwalter on Twitter</a></em></p><p>&nbsp;</p>http://www.maclife.com/article/news/1_million_ios_udids_leaked_could_yours_be_one_them#commentsNewsAntisecApple Inc.FBIios deviceslaptopleakssecurity breachessecurity issueUDIDUniversal Device IDiPadiPhoneiPodTue, 04 Sep 2012 13:08:33 +0000J.R. Bookwalter14962 at http://www.maclife.comReport: Apple Suspends Telephone-Based Password Resetshttp://www.maclife.com/article/news/report_apple_suspends_telephonebased_password_resets
<!--paging_filter--><p><img src="/files/u220903/mat_honan_hacked_200px.png" alt="Mat Honan hacked" width="200" height="150" class="graphic-right" />In the wake of <em>Wired</em> reporter Mat Honan's epic digital security meltdown last weekend, it seems that both Apple and Amazon are beefing up their own security to make sure such a thing can't happen again.<br /><br /><a href="http://www.wired.com/gadgetlab/2012/08/apple-icloud-password-freeze/" target="_blank"><em>Wired</em> is reporting</a> that Apple has instructed tech support staff to stop processing Apple ID password changes requested over the telephone following last weekend's security gaffe with tech journalist Mat Honan.<br /><br />That incident resulted in a hacker using the last four digits of Honan's credit card -- which was pulled from Amazon.com -- to gain access to the reporter's iCloud account simply by calling Apple support. The result was nearly all of Honan's digital life erased within the space of an hour, including having his iPhone, iPad and MacBook Air remotely wiped by the hacker.<br /><br />According to Apple employees, Cupertino has moved swiftly to avoid further incidents with a freeze on password resets via telephone, which are expected to last "at least 24 hours."<br /><br />"The employee speculated that the freeze was put in place to give Apple more time to determine what security policies needed to be changed, if any," the report noted.<br /><br />Amazon appears to have already quietly patched its own customer service security hole on Tuesday, which allowed anyone with a customer's name, email and mailing address to gain control of accounts there.<br /><br />Apple has yet to publicly comment on the security issue, but appears to be weighing its options as part of the telephone password reset freeze.<br /><br />“Right now, our system does not allow us to reset passwords,” an Apple representative told Wired. “I don’t know why.”<br /><br /><em>Follow this article’s author, <a href="http://twitter.com/JRBTempe" target="_blank">J.R. Bookwalter on Twitter</a></em></p><p><em>(Image courtesy of Wired)</em></p><p>&nbsp;</p>http://www.maclife.com/article/news/report_apple_suspends_telephonebased_password_resets#commentsNewsAmazonapple idApple Inc.iCloudMat Honanpassword recoverySecuritysecurity breachestelephonewirediPadiPhoneWed, 08 Aug 2012 13:44:54 +0000J.R. Bookwalter14746 at http://www.maclife.comAmazon, Apple Security Flaws Led to Tech Journalist Being Hackedhttp://www.maclife.com/article/news/amazon_apple_security_flaws_led_tech_journalist_being_hacked
<!--paging_filter--><p><img src="/files/u220903/mat_honan_hacked_200px.png" alt="Mat Honan hacked" width="200" height="150" class="graphic-right" />Feeling safe and secure about your online life, are you? That may change after you read the harrowing tale of a Wired reporter whose entire digital life was erased over the weekend -- and how you can avoid the same fate.<br /><br /><a href="http://www.twitter.com/JRBTempe" target="_blank"><em>Wired</em> reporter Mat Honan was hacked over the weekend</a>, and like any good tech journalist, has written up his adventure into a cautionary tale for all to read. Security flaws in both Amazon and Apple customer service systems caused Honan's digital life to erode before his very eyes.<br /><br />"First my Google account was taken over, then deleted," Honan writes. "Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages. And worst of all, my AppleID account was broken into, and my hackers used it to remotely erase all of the data on my iPhone, iPad, and MacBook."<br /><br />So how did it all go down? It seems that Amazon tech support actually gave the hacker the ability to see four digits of Honan's credit card number, which was enough to use Apple tech support to access the journalist's iCloud account -- as well as at least a few other, less public users.<br /><br />The problem stems from Honan using the same credit card on both Amazon and Apple. Accessing the iCloud account through Apple Support required only the user's billing address and the last four digits of his credit card, which was easily obtained from Amazon. That's enough to give anyone a temporary iCloud password, and from there it was all downhill.<br /><br />"Apple takes customer privacy seriously and requires multiple forms of verification before resetting an Apple ID password," explains Apple spokeswoman Natalie Kerris. "In this particular case, the customer’s data was compromised by a person who had acquired personal information about the customer. In addition, we found that our own internal policies were not followed completely. We are reviewing all of our processes for resetting account passwords to ensure our customers’ data is protected."<br /><br />MacLife.com encourages readers to follow the entire saga on <em>Wired</em> and it's certainly worth it to plug any potential holes in your own security, even though Apple is likely to step up their own efforts in the wake of this very public gaffe.<br /><em><br />Follow this article’s author, <a href="http://www.twitter.com/JRBTempe" target="_self">J.R. Bookwalter on Twitter</a><br /><br /></em><em>(Image courtesy of Wired)</em></p><p>&nbsp;</p>http://www.maclife.com/article/news/amazon_apple_security_flaws_led_tech_journalist_being_hacked#commentsNewsAmazonApple Supportbillingcredit cardsiCloudJournalistsMat Honansecurity breachesverificationwiredTue, 07 Aug 2012 12:59:27 +0000J.R. Bookwalter14732 at http://www.maclife.comDual Bummers for LinkedIn: Calendar Security, 6.46 Million Passwords Leakedhttp://www.maclife.com/article/news/dual_bummers_linkedin_calendar_security_646_million_passwords_leaked
<!--paging_filter--><p><img src="/files/u220903/linkedin_sign_on_wall_200px.png" alt="LinkedIn sign on wall" width="200" height="150" class="graphic-right" />A lot can happen overnight, and in the case of professional social network LinkedIn, the company is likely waking up with a big headache this morning. On top of a security flaw being discovered with its mobile calendar feature, the company is also facing a security breach with millions of user passwords potentially leaked online.<br /><br /><a href="http://blog.linkedin.com/2012/06/06/mobile-calendar-feature/" target="_blank">The LinkedIn Blog has responded</a> to accusations late Tuesday that the company’s mobile apps are collecting user data from the opt-in calendar feature, including potentially sensitive meeting notes, appointment times and even the names of attendees.<br /><br />“In order to provide our calendar service to those who choose to use it, we need to send information about your calendar events to our servers so we can match people with LinkedIn profiles,” the company explains in a blog post. “That information is sent securely over SSL and we never share or store your calendar information.”<br /><br />The company’s Android app has already been updated with improvements, which include no longer sending data from the meeting notes section of calendar events, as well as the addition of a “learn more” link for users who want to know more about how such data is being used. LinkedIn has submitted an <a href="http://itunes.apple.com/us/app/linkedin/id288429040?mt=8" target="_blank">iOS update to the App Store</a>, which “will be available shortly.”<br /><br />The second mid-week headache for LinkedIn could be even more serious, however. <a href="http://www.theverge.com/2012/6/6/3067523/linkedin-password-leak-online" target="_blank">According to The Verge</a>, “a user in a Russian forum is claiming to have hacked LinkedIn to the tune of almost 6.5 million account details” -- 6,458,020 encrypted passwords, to be exact.<br /><br />While usernames were not part of the data posted, it appears that they have indeed been downloaded by the hacker. Although the passwords are hashed with SHA-1 for additional security, users are advised to log in and change their password, just to be safe.<br /><br />There’s an outside chance that the hacker’s claims could be bogus and LinkedIn has yet to comment on any potential breach, but either way, it’s not a good day to be an executive at the company -- nor a member of its IT department, it seems.<br /><br /><em>Follow this article’s author, <a href="http://www.twitter.com/JRBTempe" target="_blank">J.R. Bookwalter on Twitter</a></em></p><p>&nbsp;</p>http://www.maclife.com/article/news/dual_bummers_linkedin_calendar_security_646_million_passwords_leaked#commentsNewsApp StorebreachcalendarsencryptediOS appslinkedinopt-inpasswordssecurity breachessocial networkiPadiPhoneWed, 06 Jun 2012 13:12:12 +0000J.R. Bookwalter14240 at http://www.maclife.comiPhone Spam Strikes Facebook and Pinghttp://www.maclife.com/article/news/iphone_spam_strikes_facebook_and_ping
<!--paging_filter--><p><img src="/files/u220903/facebook_iphone_spamming_380px.jpg" alt="Facebook iPhone spam security message" width="380" height="207" /><br /><em>(Image courtesy of 9to5Mac)</em><br /><br />They may not be bosom buddies at the moment, but Facebook and Ping are together in feeling the pain of spam -- in this case, the kind that touts supposedly “free” iPhones, as if there could ever be such a thing.<br /><a href="http://www.9to5mac.com/24121/facebook-ping-hit-by-iphone-spam-attackers" target="_blank"><br />9to5Mac is reporting</a> on the spamming attack that struck Facebook last weekend and is currently hitting Apple’s new Ping service, launched on Wednesday. Both services appear to be lucrative targets for spammers to rein in new victims, in this case by offering a “free” iPhone for those foolish enough to get trapped. (Spoiler: There is no such thing as a “free” iPhone.)<br /><br />“For a few hours on Sunday, there was a spamming incident on Facebook,” reads the message posted for affected users by the site’s security team. “During this time, photos (mostly of supposedly “free” iPhones) were posted to some people’s Walls, including yours. We’ve removed the photo from your Wall and fixed the issue that allowed spammers to do this. We’re sorry about the photo, but can assure you that did this did not affect the security of your account in any way.”<br /><br />Be that as it may, it doesn’t resolve the question of how the spam wound up there to begin with, <a href="http://www.sophos.com/blogs/chetw/g/2010/09/02/apple-pingd-comment-spam-coming/" target="_blank">according to Internet security firm Sophos</a>. Apparently “thousands of users” had their Facebook Walls affected by the iPhone spam, and now Apple’s Ping appears to be the next target in their sights.<br /><br />Sadly, for now it appears that Ping users will have to grin and bear it. “Ping implements no spam or URL filtering,” explains Sophos, who claims that the service -- less than 48 hours old -- is “drowning in scams and spams.”<br /><br /><em>Follow this article’s author, <a href="http://www.twitter.com/JRBTempe" target="_blank">J.R. Bookwalter on Twitter</a></em><br /><br /></p>http://www.maclife.com/article/news/iphone_spam_strikes_facebook_and_ping#commentsNewsFacebookPingsecurity breachesspamiPhoneFri, 03 Sep 2010 12:22:41 +0000J.R. Bookwalter8145 at http://www.maclife.comAT&T Investigating Tuesday Security Issues, Pre-Orders Suspended?http://www.maclife.com/article/news/att_investigating_tuesday_security_issues_preorders_suspended
<!--paging_filter--><p><img src="/files/u220903/iPhone_4_apocalypse_380px.jpg" alt="iPhone 4 apocalypse" width="380" height="290" /><br /><em>(Image courtesy of Gizmodo)</em><br /><br />Tuesday was admittedly a crazy day for both Apple and AT&amp;T, as pent-up demand for the iPhone 4 crushed both companies’ servers and even sent the telco’s retail outlets to pen and paper to collect pre-orders. One more sinister element of the day’s insanity is the rumored security breaches on AT&amp;T’s website, which the company is now said to be looking into.<br /><br /><a href="http://www.appleinsider.com/articles/10/06/16/att_looking_into_rumored_iphone_4_preorder_security_issues.html" target="_blank">AppleInsider is reporting</a> that AT&amp;T is taking claims on Tuesday that customer data was being exposed during the iPhone 4 pre-order melee very seriously. The issue occurred at the height of the pre-order meltdown, as customers tried to log into their online account on AT&amp;T’s website only to see another person’s name and information when they attempted to pre-order the iPhone 4.<br /><br />It would be putting it mildly to say that AT&amp;T’s servers failed on Tuesday, particularly for existing iPhone users trying to pre-order an iPhone 4 from either the telco or Apple.com. A major part of the order process is to verify customer eligibility for an upgrade so the shopping cart knows the correct price to charge for the update, but most potential customers kept seeing a wide variety of timeouts or worse yet, the site going down completely for a period of time. (We first attempted to pre-order an iPhone 4 at 8 am EST from Apple.com and weren’t successful after numerous attempts until almost 12 hours later!)<br /><br />While not being able to place a pre-order is frustrating enough, AT&amp;T may have real trouble on its hands if the rumors of a security breach are true. At first AT&amp;T seemed to brush off the reports, claiming they couldn’t duplicate the problem at their end -- but they seem to be taking it more seriously now, especially in light of the recent iPad 3G security breach.<br /><br />"We have received reports of customers inadvertently seeing the wrong account information during the iPhone 4 purchasing process," an AT&amp;T company spokesperson said. "We have been unable to replicate the issue, but the information displayed did not include call-detail records, social security numbers, or credit card information. In the meantime, we are looking into this matter."<br /><br /><a href="http://www.appleinsider.com/articles/10/06/16/att_looking_into_rumored_iphone_4_preorder_security_issues.html" target="_blank">An anonymous AT&amp;T insider has reported to Gizmodo</a> that an allegedly “faulty server software update” could be at the root of the telco’s online troubles, and <a href="http://gizmodo.com/5564913/" target="_blank">they now have evidence</a> that credit card and other personal data may, in fact, have also been exposed during yesterday’s meltdown.<br /><br />In the meantime, <a href="http://www.boygeniusreport.com/2010/06/16/att-memo-iphone/?utm_source=feedburner&amp;utm_medium=twitter&amp;utm_campaign=Feed%3A+TheBoyGeniusReport+%28Boy+Genius+Report%29" target="_blank">Boy Genius Report is claiming</a> that the company has clamped down on pre-orders for both the iPhone 4 and the refreshed iPhone 3GS 8GB model, which includes new activations, upgrades and exchanges. Hope you got your order in yesterday, because it looks like the iPhone apocalypse isn’t over yet…<br /><br /><em>Follow this article’s author, <a href="http://www.twitter.com/JRBTempe" target="_blank">J.R. Bookwalter on Twitter</a></em><br /><br /></p>http://www.maclife.com/article/news/att_investigating_tuesday_security_issues_preorders_suspended#commentsNewsAT&Tiphone 4iPhone LaunchPre-orderssecurity breachesiPhoneWed, 16 Jun 2010 13:31:14 +0000J.R. Bookwalter7276 at http://www.maclife.com